Glpi-project

Glpi

201 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 20.23%
  • Veröffentlicht 10.07.2024 20:15:03
  • Zuletzt bearbeitet 07.01.2025 16:58:37

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in some AJAX scripts to alter another u...

  • EPSS 21.08%
  • Veröffentlicht 10.07.2024 20:15:03
  • Zuletzt bearbeitet 07.01.2025 17:03:06

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to exec...

  • EPSS 0.69%
  • Veröffentlicht 10.07.2024 19:15:10
  • Zuletzt bearbeitet 07.01.2025 16:55:46

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Up...

  • EPSS 62.96%
  • Veröffentlicht 07.05.2024 14:15:10
  • Zuletzt bearbeitet 28.01.2025 03:40:57

GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability in the saved searches feature to alter another user account data take control of it. This vulnerability is fixe...

  • EPSS 59.14%
  • Veröffentlicht 07.05.2024 14:15:10
  • Zuletzt bearbeitet 07.01.2025 16:49:45

GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability from map search. This vulnerability is fixed in 10.0.15.

  • EPSS 1.88%
  • Veröffentlicht 29.04.2024 18:15:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via the insufficient validation of user-supplied input.

  • EPSS 0.82%
  • Veröffentlicht 18.03.2024 17:15:07
  • Zuletzt bearbeitet 02.01.2025 15:30:15

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI administrator in order to exploit a reflected ...

  • EPSS 58.82%
  • Veröffentlicht 18.03.2024 17:15:06
  • Zuletzt bearbeitet 02.01.2025 15:54:08

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in the search engine to extract data from the...

  • EPSS 35.72%
  • Veröffentlicht 18.03.2024 17:15:06
  • Zuletzt bearbeitet 02.01.2025 15:53:19

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can execute a SSRF based attack using Arbitrary Object Instantiation. This issue has be...

  • EPSS 0.67%
  • Veröffentlicht 18.03.2024 17:15:06
  • Zuletzt bearbeitet 02.01.2025 15:47:16

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. A user with rights to create and share dashboards can build a dashboard containing javascript code. Any user ...